计算机应用 ›› 2015, Vol. 35 ›› Issue (1): 68-71.DOI: 10.11772/j.issn.1001-9081.2015.01.0068

• 信息安全 • 上一篇    下一篇

P2P僵尸网络的传播建模与分析

冯丽萍1, 宋礼鹏2, 王鸿斌1, 赵青杉1   

  1. 1. 忻州师范学院 计算机系, 山西 忻州034000;
    2. 中北大学 计算机与控制工程学院, 太原030051
  • 收稿日期:2014-08-18 修回日期:2014-09-20 出版日期:2015-01-01 发布日期:2015-01-26
  • 通讯作者: 冯丽萍
  • 作者简介:冯丽萍(1976-),女,山西宁武人,副教授,博士,主要研究方向:网络安全、复杂网络、动力系统;宋礼鹏(1975-),男,山西温水人,副教授,博士,主要研究方向:网络安全、社会网络分析及计算;王鸿斌(1972-),男,山西河曲人,教授,博士,主要研究方向:网络安全、无线传感器网络;赵青杉(1972-),男,山西五台人,教授,主要研究方向:数据挖掘、网络安全.
  • 基金资助:

    国家自然科学基金资助项目(61379125);山西省高校科技创新项目(2013148);山西省自然科学基金资助项目(2012011015-3);忻州师范学院重点学科建设项目(ZDXK201204, XK201307).

Propagation modeling and analysis of peer-to-peer botnet

FENG Liping1, SONG Lipeng2, WANG Hongbin1, ZHAO Qingshan1   

  1. 1. Computer Science Department, Xinzhou Teachers University, Xinzhou Shanxi 034000, China;
    2. School of Computer Science and Control Engineering, North University of China, Taiyuan Shanxi 030051, China
  • Received:2014-08-18 Revised:2014-09-20 Online:2015-01-01 Published:2015-01-26

摘要:

为了有效控制自愿式P2P僵尸网络的大规模爆发,从动力学的角度研究了僵尸网络的传播规律.首先,根据僵尸网络的形成过程,建立了一个时滞微分方程模型;其次,通过详细的数学分析得出了有效控制僵尸网络的阈值表达式;最后,数值模拟验证了理论分析的正确性.理论分析和实验结果均表明,当基本再生数的值小于1时,僵尸网络可以被完全控制;否则,安全防御措施只能减小僵尸网络的规模.模拟结果还表明,降低僵尸程序的感染率或提高网络节点的免疫率,可以有效控制僵尸网络的爆发.实际网络管理中,可以通过不均匀分布网络节点、及时下载漏洞补丁等措施控制僵尸程序的传播.

关键词: P2P僵尸网络, 网络安全, 动力学, 病毒模型, 计算机病毒

Abstract:

To effectively control large-scale outbreak, the propagation properties of the leeching P2P (Peer-to-Peer) botnet was studied using dynamics theory. Firstly, a delayed differential-equation model was proposed according to the formation of the botnet. Secondly, the threshold expression of controlling botnet was obtained by the explicit mathematical analysis. Finally, the numerical simulations verified the correctness of theoretical analysis. The theoretical analysis and experimental results show that the botnet can be completely eliminated if the basic reproduction number is less than 1. Otherwise, the defense measures can only reduce the scale of botnet. The simulation results show that decreasing the infection rate of bot programs or increasing the immune rate of nodes in the network can effectively inhibit the outbreak of botnet. In practice, the propagation of bot programs can be controlled by some measures, such as uneven distribution of nodes in the network, timely downloading patch and so on.

Key words: Peer-to-Peer (P2P) botnet, network security, dynamics, virus model, computer virus

中图分类号: